Systems and methods for use in certifying interactions with hosted services

ABSTRACT

Systems and methods are provided for validating customer use of application programing interfaces (APIs). An exemplary computer-implemented method includes, in response to a request from a customer computing device for use of an API hosted by an API computing device, selecting a test case specific to the API for a test project and transmitting the test project to the customer computing device for execution by the customer computing device. The method also includes monitoring data payloads between the API computing device and the customer computing device and compiling and transmitting a report indicative of a result of the test case based on the monitored data payloads, where the report is indicative of whether the monitored data payloads are compliant with a standard associated with the API, thereby indicating certification of the customer&#39;s use of the API to provide at least one service associated with the API, or not.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.15/846,275, filed on Dec. 19, 2017. The entire disclosure of the aboveapplication is incorporated herein by reference.

FIELD

The present disclosure generally relates to systems and methods for usein certifying interactions with hosted services, and in particular, tosystems and methods for validating use of one or more applicationprograming interfaces (APIs) (broadly, hosted services), by users, basedon data payloads between the APIs and the users.

BACKGROUND

This section provides background information related to the presentdisclosure which is not necessarily prior art.

Different entities often provide services to other entities (orcustomers). The services may include physical services, in which theentities perform the services at a location associated with thecustomers. Alternatively, the services may include electronic services,whereby the electronic services may be performed at the customerlocations or remote therefrom. When the services are performed remotelyfrom the customers, the entities provide the electronic services throughone or more different mechanisms, for example, one or more network-basedmechanisms. An example of such a mechanism includes an applicationprogramming interface, or API. In connection therewith, the entityproviding the API service (often referred to as a host) providesspecific instructions to the customer so that the customer may interactwith the API and receive intended benefits of the API service. Becauseerrant interactions may cause issues not only for the customer but alsofor the host and/or other entities associated with the API service, insome instances the host may require that the customer be certified foruse of the API service prior to the customer being granted full accessthereto (e.g., via a production environment, etc.).

DRAWINGS

The drawings described herein are for illustrative purposes only ofselected embodiments and not all possible implementations, and are notintended to limit the scope of the present disclosure.

FIG. 1 illustrates an exemplary system for use in certifyinginteractions with one or more hosted services, and including one or moreaspects of the present disclosure;

FIG. 2 is a block diagram of an exemplary computing device that may beused in the system of FIG. 1;

FIG. 3 is an exemplary method for use in certifying interactions with ahosted service, and which can be implemented via the system of FIG. 1;and

FIG. 4 illustrates an exemplary interface that may be used in the systemof FIG. 1 and/or the method of FIG. 3 to provide interactions betweencustomers and one or more hosted services.

Corresponding reference numerals indicate corresponding parts throughoutthe several views of the drawings.

DETAILED DESCRIPTION

Exemplary embodiments will now be described more fully with reference tothe accompanying drawings. The description and specific examplesincluded herein are intended for purposes of illustration only and arenot intended to limit the scope of the present disclosure.

Services may be provided to customers in various of manners, including,for example, through application programming interfaces, or APIs. Whencustomers utilize APIs, the customers are typically instructed as to theproper interaction with (or use of) the APIs, so that services performedby the APIs are performed correctly and any resulting output isaccurate/proper. When the APIs are misused, or used improperly, theunderlying services may generate unexpected or incorrect data outputs.As such, entities providing the APIs, such as payment networks, etc.,often require the customers to be certified in their use of the APIsprior to granting permission to the customers for full and/or unfettereduse of the APIs. Uniquely, the systems and methods herein allow forvalidating and/or certifying customers in their use of one or more APIs,through monitoring of data payloads between the customers and theAPI(s). In particular, a certification engine is provided between acustomer and an API (for example, hosted by a payment network), tomonitor the data flow (or data payloads) between the customer and theAPI. In connection therewith, the certification engine provides a testproject for the customer and the API, which includes one or more testcases. When the test case(s) is (are) performed, through interactionsbetween the customer and the API, the certification engine monitors thedata flow there between. Then, based on the data flow, the certificationengine determines if corresponding data payloads are compliant with oneor more standards associated with the API or are otherwise consistentwith the expectancy of the test case(s), to thereby certify that thetest case(s) is (are) completed, or not. The certification enginefurther provides real time or near real time feedback to the customerand/or the API host (e.g., the payment network, etc.) to promoteefficiencies in the validation and/or certification of the customer forthe API. In this manner, the API host may provide consistent andefficient certification of the customer for use of the API. Real time,for example, may include providing feedback to the customer and/or APIhost immediately after or within a few seconds of the user performing atest case (e.g., within about one second, within about three seconds,within about five seconds, within about ten seconds, within about thirtyseconds, within about one minute, etc.), and near real time may includeproviding feedback to the customer and/or API host within a later timeof the customer performing at test case, but still within about aminute, about two minutes, about five minutes, or about 30 minutes, etc.

FIG. 1 illustrates an exemplary system 100, in which one or more aspectsof the present disclosure may be implemented. Although parts of thesystem 100 are presented in one arrangement, other embodiments mayinclude the same or different parts arranged otherwise, depending, forexample, on applications and/or services involved therein, datawarehouses available for access, etc.

The illustrated system 100 generally includes a payment network 102 andcustomers 104 and 106, each coupled to network 108. The network 108 mayinclude, without limitation, one or more local area networks (LANs),wide area networks (WANs) (e.g., the Internet, etc.), mobile networks,virtual networks, other networks as described herein, and/or othersuitable public and/or private networks capable of supportingcommunication among two or more of the illustrated parts, or evencombinations thereof. In one example, the network 108 includes multiplenetworks, where different ones of the multiple networks are accessibleto different ones of the illustrated components in FIG. 1. Inparticular, the payment network 102 and the customer 104 may beconnected via a private network for processing transactions and,separately, the payment network 102 may be connected to the customer 106through a public network, such as the Internet.

Generally in the system 100, the customers 104 and 106 are financialinstitutions, such as banks, which provide financial services related tobanking, lending, insurance, investments, etc. The customers 104 and 106may therefore rely on certain data from the payment network 102 to makebusiness decisions or other decisions related to those financialservices and/or to carry out financial transactions or processes relatedto the financial services that the customers 104 and 106 provide. Thecustomers 104 and 106 may also rely on certain services offered by thepayment network 102 to make such decisions and/or to carry out suchfinancial transactions and processes. With that said, while thecustomers 104 and 106 are described as financial institutions herein, itshould be appreciated that the customers 104 and 106 may include anytype of entity, institution, person, etc., which may request and/or relyon data from, or services offered by, the payment network 102 (oranother entity associated therewith, etc.). What's more, while describedas implemented in the payment network 102, the present disclosure shouldnot be understood to be limited to the payment network 102, or topayment networks in general, as other entities may be included in thesystem 100 in other system embodiments (such that the various featuresdescribed herein with regard to the payment network 102 are alsoapplicable to the other entities). With that said, in general, thepresent disclosure is applicable to entities that maintain datawarehouses and provide reports from the data warehouses, eitherinternally or externally, to customers thereof or other interestedentities.

The payment network 102 of the illustrated system 100 generally includesmultiple application programing interfaces (APIs), such as APIs 110 aand 110 b. Each of the APIs 110 a and 110 b is illustrated as beingseparate from the other one of the APIs 110 a and 110 b. However, itshould be appreciated that the APIs 110 a and 110 b may be hosted byand/or present on the same computing device, or segregated to separateand/or multiple separate computing devices as desired. In addition, theAPIs 110 a and 110 b are internal to the payment network 102 in thisexemplary embodiment, while, in other embodiments, the APIs 110 a and110 b may be external, in whole or in part, to the payment network 102.

As part of its business and/or support of its customers 104 and 106, forexample, the payment network 102 may offer a number of operations and/orservices to the customers 104 and 106. The services may be madeavailable to the customers 104 and 106 in one or more manners,including, specifically, through the APIs 110 a and 110 b. The servicesunderlying the APIs 110 a and 110 b may be generally simple in nature,for example, the retrieval of or the check on specific data, or they maybe more complex, for example, relating to a payment account transaction,etc. As an example, one or both of the APIs 110 a and 110 b may beassociated with a service of providing rich information about a givenmerchant to one or both of the customers 104 and 106 (e.g., where one orboth of the customers 104 and 106 may include an acquirer or issuer,etc.). As another example, one or both of the APIs 110 a and 110 b mayprovide a money send service to one or both of the customers 104 and106, whereby the customers 104 and 106 are permitted to send money,digitally, either domestically or cross-border. As yet another example,one or both of the APIs 110 a and 110 b may include a predictive,behavior-based fraud score service, which permits one or both of thecustomers 104 and 106 to determine whether or not to permit transactionsto proceed (e.g., where one or both of the customers 104 and 106 includean issuer of payment accounts, etc.).

In still further aspects of the present disclosure, one or both of theAPIs 110 a and 110 b associated with the payment network 102 may beassociated with (without limitation) services related to: commercialreal estate and about offering insights to the monthly performance ofretail locations to help evaluate acquisitions, optimize rents, andvalidate conclusions; accepting e-commerce and mobile commerce payments,regardless of payment brand; monitoring spending by transaction amount,transaction type (e.g., transactions involving point-of-sale (POS)devices, Internet transactions, etc.) and home country, and also to thetemporary suspension of cards to prevent unauthorized use; cardholdersfor managing how, when and where their cards are being used by settingdecline and alert rules (e.g., based on transaction amounts, transactiontypes, home countries, etc.) and personalized alerts; allowing additionof funds to eligible prepaid accounts; providing offers to accountholders based on their payment account transactions to drive increasedaccount usage and account holder engagement; multi-channel globalpayment processing; advanced fraud prevention and risk managementsolutions for merchants and financial institutions; moving funds betweenaccounts and sending disbursements; developing cloud-based payment (CBP)(e.g., Mastercard CBP (MCBP)) applications; measuring impact of digitalmedia campaigns on online and offline sales; providing tokenization ofaccount numbers for increased payment security; identifying potentiallyhigh-risk merchants before entering into a merchant agreements;providing consumer-initiated mobile payment solutions that enableconsumers to make convenient, secure payments for everyday purchases;providing simplified checkout experiences with digital wallets;accessing trend and sales data at industry and micro-sector levels;identifying payment cards that have been reported lost or stolen byissuers; providing global database access; providing predictive,behavior-based fraud score tools for e-commerce merchants; determiningbeneficial audiences for advertising in order to maximize the impact ofad marketing spend; and providing assurances that consumers aretransacting digitally using genuine attributes; etc.

With that said, in general herein, the APIs 110 a and 110 b may beprovided by the payment network 102 to perform various services and/oroperations, as needed or desired, by the customers 104 and 106 (and/orby other customers in the system 100). And, the services provided mayinclude any suitable services and/or operations (e.g., any one or moreof the services described above, other services, etc.).

With continued reference to FIG. 1, the payment network 102 includes auser 112 involved in providing permissions for and management and/oronboarding of one or more of the customers 104 and 106 for the APIs 110a and 110 b. The user 112 may include, without limitation, an employee,a manager, etc. associated with the payment network 102, or a contractorassociated therewith. In addition herein, the customer 106 is associatedwith a user 114, who may be, without limitation, an employee, a manager,etc., associated with integration, set up, and/or management of thecustomer's use of one or more of the APIs 110 a and 110 b, etc. Each ofthe users 112 and 114 is associated with a computing device 200 at therespective one of the payment network 102 and the customer 106, andwhich will be described in more detail hereinafter.

The payment network 102 further includes a certification engine 116,which is configured, by executable instructions, to operate as describedherein. In general, prior to the customers 104 and 106 using one or moreof the APIs 110 a and 110 b in a production or live environment, thecustomers 104 and 106 are required, in this embodiment, to utilizeand/or demonstrate use of the APIs 110 a and 110 b in a testenvironment. In connection therewith, the certification engine 116 isconfigured to provide the certification of the customers 104 and 106, inthe test environment, based, for example, on a test project and/or oneor more test cases involving the APIs 110 a and 110 b.

In the illustrated embodiment, the certification engine 116 is providedas a standalone part of the payment network 102 (e.g., as a standalonecomputing device associated with the payment network 102, etc.), and ispartially located in communication with the payment network 102 andpartially located at the customer 104. However, in other embodiments ofthe system 100 the certification engine 116 may be included orincorporated in computing device 200 of the payment network 102 (fullyor partially). What's more, in still other implementations of thepresent disclosure the certification engine 116 may be included (inwhole or in part) with one or more of the APIs 110 a and 110 b, or withother applications, programs or services provided by and/or included inthe payment network 102, other entities of the system 100, etc. (suchthat the certification engine 116 may then be associated with and/orincorporated in a computing device associated therewith).

In addition in the illustrated embodiment of FIG. 1, the certificationengine 116 is generally configured to monitor data flow betweencustomers 104 and 106 and APIs 110 a and 110 b based on logs for APIs110 a and 110 b (e.g., by parsing the logs, etc.), which are accessibleto the certification engine 116. The logs may be accessible, forexample, via a URL associated with the APIs 110 a and 110 b and/orassociated logs (or in any other manner). In this embodiment, the logsfor APIs 110 a and 110 b contain, for example, various details regardingthe data flow between customers 104 and 106 and the APIs 110 a and 110b, for example, relating to: the customer 104 or 106 (and/or theassociated user 112 or 114) making a request or call to the API 110 a or110 b; a service and/or function associated with the API 110 a or 110 bbeing requested or called; the parameters passed for the given requestor call associated with the API 110 a or 110 b; the results returnedfrom the request or call; any errors associated with such request orcall; timing (associated with any of the foregoing); etc. In connectiontherewith, the certification engine 116 may be located (logically orphysically) entirely at the payment network 102, or the certificationengine 116 may be located in whole or in part at one or both of thecustomers 104 and 106 (remote from the payment network 102) (such as inthe illustrated embodiment where the certification engine 116 is locatedin part in association with the payment network 102 and in part at thecustomer 104), or elsewhere. But regardless of location, as indicatedabove, the certification engine 116 is located so that it can examinedata flow between customers 104 and 106 and APIs 110 a and 110 b basedon logs for APIs 110 a and 110 b.

With that said, the certification engine 116 is generally configured,and disposed (logically or physically), between APIs 110 a and 110 b andthe customers 104 and 106, such that data flow between customers 104 and106 and APIs 110 and 110 b passes through the certification engine 116,whereby the certification engine 116 is configured to monitor the dataflow in real time (or near real time) as it is passed between customers104 and 106 and APIs 110 a and 110 b (real time, for example, mayinclude monitoring data flow between the customers and the APIsimmediately as the data flows, or within a few seconds of the dataflowing, therebetween (e.g., within about one second, within about threeseconds, within about five seconds, within about ten seconds, withinabout thirty seconds, within about one minute, etc.), and near real timemay include monitoring data flow between the customers 104 and 106 andthe APIs 110 a and 110 b within a later time of the data flow passingtherebetween, but still within about a minute, about two minutes, aboutfive minutes, or about 30 minutes, etc. In particular in FIG. 1, and asdiscussed above, the certification engine 116 is located at least partlyat the payment network 102 and disposed generally between the APIs 110 aand 110 b and the customer 106, such that the certification engine 116may be configured so that data flowing between the customer 106 and theAPI 110 a (data flow A) and data flowing between the customer 106 andthe API 110 b (data flow B) passes generally through the certificationengine 116 associated with the payment network 102. In addition in FIG.1, the certification engine 116 is located at least partly at thecustomer 104 and disposed generally between the API 110 a and thecustomer 104, such that the certification engine 116 may be configuredto also have data flowing between the customer 104 and the API 110 a(data flow C) to pass generally through the certification engine 116.

The certification engine 116 is also configured, in the illustratedembodiment, with one or more test cases for each of APIs 110 a and 110b. The certification engine 116, then, and as discussed in more detailbelow, is configured to monitor particular data passed between thecustomers 104 and 106 and the APIs 110 a and 110 b (e.g., parameters fora particular API request and/or a result returned by the API 110 a inresponse to that request, etc.), to identify data applicable to the testcases, and to determine whether the data passes or fails the test case.

In the illustrated embodiment, the certification engine 116 is generallyconfigured to support any number of APIs and associated test cases. Thecertification engine 116 may, for example, be configured to allow theuser 112 associated with the payment network 102 to create, at thecertification engine 116, a new API association by providing detailsassociated with the new API (e.g., name, URL for the API and/orassociated log, test case(s), standard specification, etc.). In thismanner, the certification engine 116 may, for example, be configured toaccept a file (e.g., formatted according to a standard test casetemplate, etc.) specifying any number of test cases and to associatethose test cases with the new API. In turn, the certification engine 116may be configured to identify the test case(s) (and their details) inthe file. The certification engine 116 may, for example, be configuredto identify the test cases (and their details) in the file based on thefile being formatted in accordance with a standard template (e.g., wherea row for each test case includes a test case number in a first column,a test case summary in second column, and an expected result in a thirdcolumn; etc.). The file may (or may not) include any additionalinformation regarding the test cases or associated API, such as, forexample, an identification of the API service to which the test casespertains (e.g., disbursement services, person-to-person (P2P) services,and/or address validation services for the MasterCard Send API (broadly,a Money Send API), etc.) (e.g., in a fourth column, etc.). Exemplar testcase entries for various services of Money Send API are shown below inTable 1.

TABLE 1 Expected Test Test Case Case # Test Case Summary Result APIService 1 Transaction Amount Decline Person to exceeds transaction LimitPerson (Payment Network 102) 2 Two transactions causing Decline secondPerson to aggregate limit for a transaction Person network to beexceeded (same network) 3 Invalid input format - Error Person toExpiration date Person 4 Successful Successful Disbursementstransaction(Transaction routed through STAR) 5 Invalid Account - CardDecline Disbursements number is Invalid 6 Request Timeout scenarioSystem Error Disbursements 7 Invalid card Type Decline Disbursements(Customer is only configured for debit but card provided is prepaid) 8Account verification Successful Address provided for valid card andResponse with Verification address with 5 digit postal all fields codematched 9 Account provided is Successful Account eligible for payments.Response Information

The certification engine 116 may be configured to additionally, oralternatively, accept manual input of test case information for the newAPI association from the user 112 associated with the payment network102 (e.g., via free form fields soliciting the same or similar type ofinformation specified in the standard template, etc.).

It should also be appreciated that, when configured with the new APIassociation, the certification engine 116 may be configured to allow theuser 112 associated with the payment network 102 to specify whethercustom test plans are allowed for test projects for the API (e.g., sothat only a subset of the provided test cases may optionally be includedin a test plan for the API, etc.) and/or whether customer-provided testcases are allowed to optionally include test projects for the API (e.g.,in addition to the test cases identified in the file and/or manuallyinput by the user 112, etc.). In any event, regardless of whether thecertification engine 116 accepts test case information via a file,manual entry, or in any other manner, the certification engine 116,then, is configured to store the test cases (and their details), forexample, in a data structure associated, at least in part, with the newAPI, etc. (e.g., in a same or similar format as a standard test casetemplate, or another format), or in another manner. In connectiontherewith, the certification engine 116 may, for example, be configuredto store the tests case(s) (and their details) in a data structure thathas fields, for each test case, for the test case number, a test casesummary, and an expected test case result, along with other information,such as, for example, “Parameter(s) to validate,” where the“Parameter(s) to validate” corresponds to parameters to be passed by acustomer to the API for validation by the certification engine 116 inassociation with a particular test case. In one example, where the API110 a is the Money Send API discussed above and the user 112 associatedwith the payment network 102 has uploaded a test case file consistentwith Table 1 above (e.g., in configuring the certification engine 116 toassociate with API 110 a, etc.), the certification engine 116 may beconfigured to store the test cases (and their details) included thereinin a data structure formatted consistently therewith. Exemplarformatting is show below in Table 2.

TABLE 2 Expected Test Test Case Parameter(s) Case # Test Case SummaryResult API Service to validate 1 Transaction Amount Decline Person toexceeds transaction Limit Person (Payment Network 102) 2 Twotransactions causing Decline second Person to aggregate limit for atransaction Person network to be exceeded (same network) 3 Invalid inputformat - Error Person to Expiration date Person 4 Successful SuccessfulDisbursements See Table 3 transaction(Transaction routed through STAR) 5Invalid Account - Card Decline Disbursements number is Invalid 6 RequestTimeout scenario System Error Disbursements 7 Invalid card Type DeclineDisbursements (Customer is only configured for debit but card providedis prepaid) 8 Account verification Successful Address provided for validcard and Verification address with 5 digit postal code 9 Accountprovided is Successful Account See Table 4 eligible for payments.Response Information

It should be appreciated that the certification engine 116 may, in someembodiments, be configured to receive at least some informationassociated with test cases when being configured with a new APIassociation, or at a different time. For example, with reference toTable 2, any applicable “Parameter(s) to validate” (e.g., for Test CaseNo. 4, the “Required” Parameters and associated requirements identifiedin Table 3, etc.) stored in the data structure may come from the testcase file, or be manually entered, when a new API association isconfigured. Alternatively, any applicable “Parameter(s) to validate” maybe received at another time (e.g., when a test project is created for aparticular customer, etc.).

It should be appreciated that in the exemplary system 100 of FIG. 1, thecertification engine 116 is configured with API associations for APIs110 a and 110 b. For example, the user 112 associated with the paymentnetwork 102 has already created, at the certification engine 116, a newAPI association for each of APIs 110 a and API 110 b, consistent withthe above description. In connection therewith, the certification engine116 is configured with test cases associated with APIs 110 a and 110 b.In one example, where API 110 a is the Money Send API discussed above,the certification engine 116 may be configured with a new connection forthe Money Send API, where, for example, “Money Send” was specified asthe name of the API and “paymentnetwork.com/api/moneysend/log” wasspecified as the URL for the API log, as well as with a test case fileconsistent with Table 1 above.

In operation of the system 100, when the customer 106, for example,determines that it desires and/or needs to utilize API 110 a (toimplement or otherwise utilize one or more services associatedtherewith), the customer 106 may begin an integration process, wherebythe customer 106 (and specifically, the user 114 associated therewith)modifies and/or builds out its computing device 200 to push data to theAPI 110 a (e.g., as part of a call(s) or request(s) to the API 110 a,etc.) and receive data from the API 110 a (e.g., a result(s) returnedfrom the API 110 a in response to the call or request, etc.) (e.g., inboth cases, via data flow A in FIG. 1, etc.). In connection therewith,the user 112 associated with the payment network 102 may interact withthe certification engine 116 to create a test project for the API 110 aand the customer 106. Specifically, the user 112 may identify the API110 a and the customer 106 to the certification engine 116. In response,the certification engine 116 is configured to select one or more testcases (e.g., as part of the test project, etc.) to be employed tocertify the customer's interaction(s) with the API 110 a.

In embodiments, the certification engine 116 may be configured toautomatically select all test cases associated with one or moreparticular service(s) offered by API 110 a (e.g., all test casesassociated with Disbursement services, Person-to-Person (P2P) services,and/or Address Validation Services, etc.). Alternatively, thecertification engine 116 may be configured to automatically select onlya subset of the test cases associated with one or more services,depending on, for example, default preferences (e.g., default customer106 or user preferences set by user 112 when a new connection with API110 a was configured, etc.) or characteristics associated the customer106. Once selected, the certification engine 116 may be configured toprovide the user 112 an option to select additional test cases, tode-select one or more of the test cases selected by the certificationengine 116 (e.g., to potentially allow the user 112 to customizecertification of the customer 106 to particular services associated withthe API 110 a, etc.). The certification engine 116 may also beconfigured to provide the user 112 with an option to provide additionaltest cases (e.g., provided by the customer 106) (e.g., via uploading afile or free form fields (consistent with the above description), etc.).

Then, in the system 100, once the desired test case(s) is (are) selected(or de-selected), the certification engine 116 is configured to bundlethe test case(s) as a test project and to transmit the test project tothe customer 106, for example, via at least a link to the test project(e.g., as included in an email, etc.), etc.

In response, the user 114 associated with the customer 106 may interactwith the certification engine 116, view the test project, and configureits computing device 200 to interact with the API 110 a based on thetest project. For example, when the test project is transmitted to thecustomer 106 (and in particular the user 114) via a link in an email,and when the link is executed, the certification engine 116 isconfigured to initially invite the user 114 to create a user profile (ifthe user 114 is a new user) or associate the test case with an existinguser profile for the user 114, and then to provide the user 114 with thetest cases bundled with that test project under that profile. The user114 is able to access, and leave, when desired, the user profile. Inaddition, the certification engine 116 may be further configured topresent to the user 114 an overview of the test project and/or the API110 a, a listing and/or description of one or more of the particulartest cases for the API 110 a to be tested, and a functionality of theAPI 110 a being certified by the test cases (and test project). Thecertification engine 116 may be configured to present this informationas part of the user's interaction with the certification engine 116, orseparate therefrom (e.g., as a PDF, etc.). In connection therewith,broadly, the user 114 ultimately, or generally, executes the testproject for the API 110 a in accordance with the bundled test cases. Theuser profile may be associated with multiple test projects, therebypotentially allowing the user 114 to have, and monitor, test cases orprojects in progress for multiple test projects and/or APIs at one ormore times.

The certification engine 116, in turn, is configured to monitor dataflow passing between the API 110 a and the customer 106 (e.g.,consistent with the above) (and specifically, data associated with eachof the test case(s) for the test project). The certification engine 116,then, is further configured to determine whether the monitored data flowis in compliance with a standard specification of the API 110 a, basedon the expected result for one or more test cases bundled in the testproject, and potentially, based on any parameters to validate for thosetest cases. In this manner, where the data returned by the API 110 a tothe customer 106 includes results associated with a particular testcase, the certification engine 116 is configured to compare the returnedresult to the expected test case result associated with the particulartest case (e.g., from API logs or data flow therebetween, etc.). Forexample, for a specific API, such as where API 110 a is the Money SendAPI, the expected test case result for Test Case No. 4 referenced inTable 2 is “Successful.” If the user 114 associated with customer 106executes Test Case No. 4 in a manner that yields a returned result fromAPI 110 a indicating “Successful,” the certification engine 116 isconfigured to determine that customer 106 passes Test Case No. 4,subject to the outcome of any parameter(s) validation for Test Case No.4. It should be appreciated that the certification engine 116 may beconfigured to determine that data returned by the API 110 a to thecustomer 106 includes a result associated with a particular test caseby, for example (and without limitation), parsing (e.g., in a log forAPI 110 a) the monitored data flow (e.g., for results returned by theAPI 110 a to the customer 106 in response to specific requests or callsto the API that are associated with each bundled test case, etc.). Inthis regard, for each test case in the test project, the certificationengine 116 may, for example, be configured with informationcorresponding to each API 110 a request or call (and response thereto)associated with the test case (e.g., so that the certification engine116 may compare the parsed data in the log for the API 110 a with suchinformation in order to determine whether the parsed data corresponds toa particular test case, etc.).

Where the data passed by the customer 106 to the API 110 a includesparameters associated with a particular test case, the certificationengine 116 is further configured to compare these parameters to anyparameters to validate associated with the test case. For example, for aspecific API, such as where the API 110 a is, again, the Money Send APIdiscussed above, a portion of the standard specification for the APIinvolving a Money Send request is provided in Table 3 below. As shown,the Money Send request is required to include certain parameters, eachof which is associated with a required designation indicating whetherthe parameter is required or optional, associated requirements (e.g.,for the “payment disbursement.currency” parameter, that currency isspecified as an ISO 4217 alpha-3currency code, in upper case, etc.),and, in some cases, an example that provides the format of theparameter. As such, if an API Money Send request (e.g., associated withTest Case No. 4 referenced in Table 2, etc.) does not include, forexample, an appropriate disbursement currency (e.g., a disbursementcurrency specified as an ISO 4217 alpha-3 currency code, in upper case,etc.) within the data passed by the customer 106 to the API 110 a forthe request, the certification engine 116 is configured to determinethat the API Money Send request fails Test Case No. 4 referenced inTable 2, and, thus, that the data is not compliant with the standard. Itshould be appreciated that the certification engine 116 may beconfigured to determine that data passed by the customer 106 to the API110 a includes a parameter(s) associated with a particular test case by,for example (and without limitation), parsing (e.g., in a log for API110 a, etc.) the monitored data flow (e.g., for requests or calls madeby the customer 106 to the API 110 a that are associated with eachbundled test case, etc.). In this regard, for each test case in the testproject, the certification engine 116 may, for example, be configuredwith information corresponding to each API 110 a request or callassociated with the test case (e.g., so that the certification engine116 may compare the parsed data in the log for API 110 a with suchinformation in order to determine whether the parsed data corresponds toa particular test case, etc.).

TABLE 3 Parameter Required Example payment_disbursement OptionalContains the details of the request message.payment_disbursement.disbursement_reference Required DEF123456 This is aclient-specific identifier for the disbursement. It must be uniquewithin the client's domain. Allowable characters are alphanumeric andthe *,.-_ ~ characters. Details- 6-40 payment_disbursement.amountRequired 1000 The amount to be paid to the recipient in the smallestunit of the currency. Example: 100 = $1.00 (assuming USD). Details-numeric, 1-999999999999 payment_disbursement.currency Required USD Thecurrency of the disbursement amount as an ISO 4217 alpha-3 currencycode, in uppercase. Details- alpha, 3payment_disbursement.recipient.first_name Required Jane Recipient'sfirst name is required for non-tokenized transactions. Details- 1-40payment_disbursement.recipient.middle_name Optional Tyler Recipient'smiddle name. Details- 1-40 payment_disbursement.recipient.last_nameRequired Smith Recipient's last name is required for non-tokenizedtransactions. Details- 1-40 payment_disbursement.recipient_account_uriRequired acct- URI identifying recipient's account to receive the ref:ABCD123456789 disbursement funds. Only a pan based account is valid.Valid Values- Refer ‘Account URIs’

In addition, as a further example, Table 2 includes another portion ofthe standard specification for the example Money Send API, discussedabove, for an Account Information service request from the Money SendAPI. As shown, and as above, the Account Information request is requiredto include certain parameters, each of which is associated with arequired designation indicating whether the parameter is required oroptional, associated requirements (e.g., for the “partnerID” parameter,that partner ID is specified as a 32 character string, etc.), and, insome cases, an example that provides the format of the parameter. Assuch, if an API Money Send request (e.g., associated with Test Case No.9 referenced in Table 2, etc.) does not include, for example, anappropriate partner ID (e.g., a partner ID as a 32 character string,etc.) in the data passed by the customer 106 to the API 110 a for therequest, the certification engine 116 is configured to determine thatthe API Money Send request fails Test Case No. 9 referenced in Table 2,and, thus, that the data is not compliant with the standard.

TABLE 4 Parameter Required Example partnerId Required Path Param -Provider assigned partner id. Details - string, 32 fields Optional QueryParam - A comma-delimited, order independent list of one or more of thefollowing values: metadata - return account metadata. Default value isequivalent to “fields = metadata”. Details- Required account_infoOptional See child Contains the details of the request message.attributes account_info.account_uri Required pan: 5432123456789012; URIidentifying account for which information is desired. exp = 2017February; Note: Using the Consumer Ref Account URI is not valid for cvc= 123 this service. Only a card based account is valid. Valid Values-Refer ‘Account URIs’ account_info.amount Optional 1000 Intended amountto transfer. This could give more accurate information. Details-Numeric, 1-999999999999 account_info.currency Optional USD The currencyof the amount as an ISO 4217 alpha-3 currency code, in uppercase.Currency should be provided if amount is provided. Details- Conditional,alpha, 3 account_info.payment_type Optional BDB BDB: BusinessDisbursements, GDB: Government Disbursements, P2P: Person to Person,A2A: Account to Account, AMS: Acquirer Merchant Settlement, CBP: CreditCard Billpayment. Details- Conditional, This parameter should be definedduring onboarding process. If multiple payment types are setup for apartner the right payment type corresponding to the request should bespecified.

Further, in this exemplary embodiment, the certification engine 116 isconfigured to provide notifications regarding test project status and/ortest case results, at one or more regular or irregular intervals, or inreal time (e.g., instantaneously, within milliseconds, etc.) or nearreal time (e.g., in a time frame resulting in no significant delays,etc.), to the user 112 and/or the user 114, at their respectivecomputing device 200. In one embodiment, the certification engine 116 isconfigured to host a dashboard, for the customer 106, and specifically,for the user 114, whereby the certification engine 116 is configured toprovide the notifications to the customer 106 via the dashboard.

Additionally, or alternatively, the certification engine 116 isconfigured to transmit notifications to the user 112, and the paymentnetwork 102, more generally. The notifications are provided to notifythe user 112 of the status of the test project and/or specific testcases within the test project, etc. Such notifications may include, forexample, indications that a test case was successfully executed (e.g.,Test case #2 executed 09:35 MMDDYYY-successful, etc.), or that a testcase failed (e.g., Test case #3 executed 15:32 MMDDYYY-fails (statementdescriptor NULL), etc.), or relating to test case (or test project)connections (e.g., API connection at 09:15-Successful, API connection at16:45-Ended, etc.). The certification engine 116 may be configured toprovide the notifications, optionally, along with additional informationabout the test project (or other test projects) through a dashboardand/or other interface accessible to the user 114, via the user'sprofile with the certification engine 116.

While only one payment network 102, two customers 104 and 106, two APIs110 a and 110 b, two users 114 and 112, and one certification engine 116are illustrated in the system 100 in FIG. 1 (for ease of reference), itshould be appreciated that the system 100, and/or other systemembodiments of the present disclosure, may include multiple ones of oneor more of these parts in various combinations (as well as one or moreadditional parts). For example, other system embodiments may includemultiple customers, and one or more of the multiple customers mayinclude multiple users.

FIG. 2 illustrates an exemplary computing device 200 that can be used inthe system 100. The computing device 200 may include, for example, oneor more servers, workstations, personal computers, laptops, tablets,smartphones, other suitable computing devices, etc. In addition, thecomputing device 200 may include a single computing device, or it mayinclude multiple computing devices located in close proximity, ormultiple computing devices distributed over a geographic region, so longas the computing devices are specifically configured to function asdescribed herein. In the exemplary embodiment of FIG. 1, each of thepayment network 102 and the customers 104 and 106 are illustrated asincluding, or being implemented in, computing device 200, coupled to thenetwork 108. In addition, the certification engine 116 may be considereda computing device, or may be considered implemented in a computingdevice, consistent with the computing device 200. With that said, thesystem 100 should not be considered to be limited to the computingdevice 200, as described below, as different computing devices and/orarrangements of computing devices may be used. In addition, differentcomponents and/or arrangements of components may be used in othercomputing devices.

Referring to FIG. 2, the exemplary computing device 200 includes aprocessor 202 and a memory 204 coupled to (and in communication with)the processor 202. The processor 202 may include one or more processingunits (e.g., in a multi-core configuration, etc.). For example, theprocessor 202 may include, without limitation, a central processing unit(CPU), a microcontroller, a reduced instruction set computer (RISC)processor, an application specific integrated circuit (ASIC), aprogrammable logic device (PLD), a gate array, and/or any other circuitor processor capable of the functions described herein.

The memory 204, as described herein, is one or more devices that permitdata, instructions, etc., to be stored therein and retrieved therefrom.The memory 204 may include one or more computer-readable storage media,such as, without limitation, dynamic random access memory (DRAM), staticrandom access memory (SRAM), read only memory (ROM), erasableprogrammable read only memory (EPROM), solid state devices, flashdrives, CD-ROMs, thumb drives, floppy disks, tapes, hard disks, and/orany other type of volatile or nonvolatile physical or tangiblecomputer-readable media. The memory 204 may be configured to store,without limitation, data specific to the service(s) provided by the APIs110 a and 110 b (and other APIs), API associations, test cases, testprojects, links to test projects, and/or other types of data (and/ordata structures), etc. suitable for use as described herein.Furthermore, in various embodiments, computer-executable instructionsmay be stored in the memory 204 for execution by the processor 202 tocause the processor 202 to perform one or more of the functionsdescribed herein, such that the memory 204 is a physical, tangible, andnon-transitory computer readable storage media. Such instructions oftenimprove the efficiencies and/or performance of the processor 202 and/orother computer system components configured to perform one or more ofthe various operations herein. It should be appreciated that the memory204 may include a variety of different memories, each implemented in oneor more of the functions or processes described herein.

In the exemplary embodiment, the computing device 200 also includes anoutput device 206 that is coupled to (and that is in communication with)the processor 202. The output device 206 outputs information such astest cases, result notifications, etc. in real time, or near real time,etc., (e.g., as defined by the test project, etc.), visually, forexample, to the user 112 and/or the user 114 of a respective one of thecomputing devices 200, etc. The output device 206 may include, withoutlimitation, a liquid crystal display (LCD), a light-emitting diode (LED)display, an organic LED (OLED) display, an “electronic ink” display,speakers, etc. In some embodiments, the output device 206 may includemultiple devices.

In addition, the computing device 200 includes an input device 208 thatreceives inputs from the user (i.e., user inputs) such as, for example,selections of test cases, etc. from the user 112, as further describedbelow. The input device 208 may include a single input device ormultiple input devices. The input device 208 is coupled to (and is incommunication with) the processor 202 and may include, for example, oneor more of a keyboard, a pointing device, a mouse, a touch sensitivepanel (e.g., a touch pad or a touch screen, etc.), another computingdevice, and/or an audio input device. Further, in various exemplaryembodiments, a touch screen, such as that included in a tablet, asmartphone, or similar device, may behave as both the output device 206and the input device 208.

Further, the illustrated computing device 200 also includes a networkinterface 210 coupled to (and in communication with) the processor 202and the memory 204. The network interface 210 may include, withoutlimitation, a wired network adapter, a wireless network adapter (e.g., anear field communication (NFC) adapter, a Bluetooth adapter, etc.), amobile network adapter, or other device capable of communicating to oneor more different networks, including the network 108.

FIG. 3 illustrates an exemplary method 300 for validating interactionsbetween one or more APIs and one or more customers. The exemplary method300 is described (with reference to FIG. 1) as implemented in thecertification engine 116 of the payment network 102, in connection withactions by the customer 106, the user 112 and the user 114 (in thesystem 100), and with further reference to the computing device 200. Asshould be appreciated, however, the methods herein should not beunderstood to be limited to the exemplary system 100 or the exemplarycomputing device 200, and the systems and the computing devices hereinshould not be understood to be limited to the exemplary method 300.

In the method 300 (and without limitation), the customer 106 hasdeveloped and/or modified a tool for use by the customer 106, whichrelies on at least one service of the API 110 a. As such, the customer106 may request use of the API 110 a from the payment network 102. Inresponse in the method 300, the payment network 102 requires thecustomer 106 to be certified for use of the API 110 a. In an attempt toachieve certification, from the payment network 102, for use of the API110 a, the customer 106 initially sets up a test environment, whichprovides intended interactions of the tool with the API 110 a.

Thereafter, upon the request for such certification, the user 112associated with the payment network 102 selects and/or identifies theAPI 110 a, at 302, and identifies the customer 106, at 304.Specifically, an interface may be displayed to the user 112, at thecomputing device 200, by the certification engine 116, which permits theselection of the API 110 a and the identification of the customer 106.The interface may include, for example, a webpage or other network-basedinterface provided from the certification engine 116. The user 112 maybe permitted to select the API 110 a, for example, from a dropdown menuof available APIs, or to select the API 110 a through typing orotherwise inputting an identifier associated with the API 110 a (e.g., aname of the API 110 a, etc.). In this manner, the certification engine116 may permit the user 112 to select only a valid and/or known API.Likewise, the customer 106 may be identified, by the user 112, from adropdown menu, or by entry of a name or other identifier associated withand unique to the customer 106. Again, in this manner, the certificationengine 116 may permit the user 112 to identify only a valid and/or knowncustomer. If either the API 110 a or the customer 106 is unknown, thecertification engine 116 may display one or more different interfaces toregister the API 110 a or the customer 106 to the certification engine116, whereby the user 112 would enter detail related to the API 110 aand/or the customer 106 to permit the certification engine 116 tooperate as described herein.

Once the API 110 a is selected and the customer 106 is identified, thecertification engine selects, at 306, one or more test cases for a testproject for the API 110 a and the customer 106. The test cases mayinclude, for example, any of Test Case Nos. 1-9 referenced in Table 2,etc.

In addition, via another interface provided by the certification engine116 to the computing device 200, the user 112 may select additional testcases for the test project, or de-select desired test cases presented bythe certification engine 116, at 308 (e.g., where the certificationengine 116 selects Test Case Nos. 4-9 referenced in Table 2, the user112 may select Test Cases No. 1-3 and de-select Test Case Nos. 5-6referenced in Table 2; etc.). In connection therewith, the user 112 isable to provide inputs to the certification engine 116 for particulartest cases and thereby customize the test project for the customer 106(e.g., based on particular services requested by the customer 106, basedon the particular customer 106, etc.). As another example, when theservice requested by the customer 106 via the API 110 a relates tocloud-based payment (e.g., Mastercard CBP (MCBP), etc.) applications,the certification engine 116 may select fifteen test cases (at 306)based generally on the identified API 110 a. Thereafter, the user 112may de-select one or more of the fifteen test cases based on, forexample, the customer 106, a specified use of the API 110 a by thecustomer 106 for the MCBP applications, a limitation on the use of theAPI 110 a for the customer 106, etc. and/or further select additionaltest cases to add thereto for the same or different reasons.

Subsequently in the method 300, the certification engine 116 bundles, at310, the selected test cases into the test project, taking into accountany de-selected test cases, and transmits the test project to thecustomer 106, at 312. For example, the certification engine 116 maybundle and store the test project as specific to the API 110 a and thecustomer 106 in memory (e.g., the memory 204, etc.) at the paymentnetwork 102. In turn, the certification engine 116 then transmits thetest project to the customer 106 (and more particularly to the user114), for example, as a link in an electronic message (e.g., an emailmessage, an SMS message, etc.). With that said, when the customer 104 isinvolved in being certified to the API 110 a, with the certificationengine 116 deployed at least partially at the customer 106, thecertification engine 116 operates in generally the same manner as above.However, in this implementation, the customer 104 then stores the testproject in memory (e.g., the memory 204, etc.) at the customer 104.

In any case, when the customer 106 is ready to test and/or attempt tocertify its interactions with the API 110 a, the customer 106 selectsthe test project (e.g., selects the link to the test project, etc.) andexecutes the test project in accordance with the bundled test cases.With the execution of the test project, the certification engine 116monitors, at 314, the data payloads (or data flows) exchanged betweenthe API 110 a and the customer 106 (consistent with the monitoringprocess described above). As the exchanged data payloads are monitored(e.g., from associated logs, data traffic, etc.), the certificationengine 116 determines, at 316, for each payload or at one or moreintervals, whether the data is associated with a bundled test case(s)and, if so, whether it is consistent with an expectancy for the testcase(s) associated with API 110 a. Specifically, the certificationengine 116 evaluates a payload of data passed from the customer 106 tothe API 110 a (e.g., in a log associated with the API 110 a, etc.) todetermine if one or more parameters therein are associated with abundled test case(s), and if so, whether the parameters are consistentwith the specification for the API 110 a (e.g., as shown in Table 3 forthe Money Send API, etc.).

In addition, as part of such testing, the certification engine 116 alsodetermines, for each payload of data passing back to the customer 106from the API 110 a, whether the data includes a result(s) associatedwith a bundled test case(s) and, if so, whether it is consistent with anexpectancy for a test case result(s) associated with the test case(s)for the API 110 a. Specifically, the certification engine 116 evaluatesa payload of data passed from the API 110 a to the customer 106 todetermine if one or more results therein are associated with a bundledtest case(s), and if so, whether the results are consistent with theexpected test case result(s) for the associated test case(s) (e.g., asshown in Table 2 for Test Case Nos. 1-9 for the Money Send API, etc.).It should be appreciated that the determination of each payload relativeto parameters associated with the specification (and the test case)and/or expected result associated with the test case may vary dependingon the test project (and test cases for that project) and API.Additional manual review, apart from the certification engine 116, orthrough modification of the test cases and/or test project in thecertification engine 116, may also be required in certain test projectsfor certain APIs, or not.

When the certification engine 116 determines that the data is consistentwith the expectancy for the API 110 a, or not, the certification engine116 provides appropriate notifications to the customer 106, at 318. Forexample, the customer 106, and specifically the user 114, may executethe test project through an interface provided from the certificationengine 116 (e.g., a network-based interface, etc.), whereby thecertification engine 116 is able to provide data to the interface, inreal time or near real time, thereby giving the customer 106 specificand prompt feedback about its performance in interacting with the API110 a. If, for example, a format of a data payload is incorrect, afterthat data payload is received by the certification engine 116 (as partof the monitoring), the certification engine 116 may provide anotification to the customer 106 of the incorrect payload as known tothe user 114, through the interface, for example, as a warning, a logentry, or other visual or audible cue, again in real time or near realtime.

FIG. 4 illustrates an exemplary interface 400 including a dashboard thatmay be displayed, by the certification engine 116, to the customer 106(e.g., to the user 114 at computing device 200, etc.) in connection withproviding notifications to the customer 106 with regard to a testproject and in connection with different interactions between thecustomer 106 and one or more APIs. As shown, the interface 400 includesa status segment 402 that relates to the test project, which includes aname of the test project (i.e., CIS-2017-#####); a project status (i.e.,In Progress); an API name (i.e., Money Send); a status of test cases forthe test project including a number passed, a number failed, and anumber not tested; and various notifications about the test project. Inconnection therewith, the interface 400 identifies activity for thegiven day, including a listing of successful test cases, failed testcases, and connection times, etc. Further in the interface 400, the user114 is able to amend notes, whereby different users on a test projectmay communicate and/or document actions items or other updates and/ortasks related to the test project.

In addition, the interface 400 includes a user segment 404 specific tothe user 114 (e.g., identified as Mike Smith having a User ID ofMS@customer.com, etc.) and test projects associated with and/oraccessible to the user 114 (e.g., CIS-2017-56789, CIS-2017-123456,etc.). Upon selection of the different test projects, the status segment402 (described above) is repopulated with the information specific tothe selected test project, thereby allowing the user 114 to navigatebetween the test projects. Further, the interface 400 includes segments406 and 408 for the creation of new test projects, through which theuser 114 is able to interact with the payment network 102 (asappropriate) and create new test projects by selecting, for example, the“Create Project” button 410. In response to selecting button 410, thecertification engine 116 populates the segment 408 with options to beselected and/or entered for the new test project. It should beappreciated that despite the exemplary format, arrangement andappearance of the interface 400, other interfaces, messages, and/orformats may be employed in other embodiments to provide notificationsand/or other information related to a test project and/or API to one ormore users.

Referring again to FIG. 3, finally, when the test case(s), or the testproject, is complete, the certification engine 116 compiles and providesa report, at 320, to the user 112, or more generally, to the paymentnetwork 102. When the interactions between the API 110 a and thecustomer 106 have satisfied the expectancy for the API 110 a, the reportmay be a certification of the customer 106 for use of the API 110 a, ormay be used, by the user 112, to make a determination of certificationfor the same. If, however, the report shows inconsistency or incorrectdata payloads, the report may be used, by the user 112, to directcorrection by the customer 106 and/or deny certification until the testproject is able to be executed without any notifications ofinconsistency and/or incorrect data payloads.

In view of the above, the systems and methods herein providecertification of a customer's use of an API, whereby a certificationengine, for example, monitors the data flow (or data payloads) betweenthe customer and the API to determine if corresponding data payloads arecompliant with one or more standards associated with the API, based ontest cases associated with a test project. In this manner, when thepayloads from the customer (or to the customer) include all required APIdata, parameters, and/or fields populated, and expected results, thecustomer may be certified to use the API, generally, without potentiallyevaluating the content of the data payloads. The systems and methodsherein may further provide real time or near real time feedback to thecustomer and/or the API host (e.g., the payment network, etc.) through adashboard interface, appropriate notifications, etc., thereby promotingefficiencies in the validation and/or certification of the customer forthe API. As such, API hosts may provide consistent and efficientcertification of the customer for use of the API.

Again, and as previously described, it should be appreciated that thefunctions described herein, in some embodiments, may be described incomputer executable instructions stored on a computer-readable media,and executable by one or more processors. The computer-readable media isa non-transitory computer-readable storage medium. By way of example,and not limitation, such computer-readable media can include RAM, ROM,EEPROM, CD-ROM or other optical disk storage, magnetic disk storage orother magnetic storage devices, or any other medium that can be used tocarry or store desired program code in the form of instructions or datastructures and that can be accessed by a computer. Combinations of theabove should also be included within the scope of computer-readablemedia.

It should also be appreciated that one or more aspects of the presentdisclosure transform a general-purpose computing device into aspecial-purpose computing device when configured to perform thefunctions, methods, and/or processes described herein.

As will be appreciated based on the foregoing specification, theabove-described embodiments of the disclosure may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof,wherein the technical effect may be achieved by performing at least oneof the following operations: (a) selecting an API, the API defining atleast one service to be used by a customer and a standard associatedwith the API for data payloads directed to the API; (b) identifying thecustomer; (c) selecting, by at least one computing device, at least onetest case for the API and the customer; (d) bundling, by the at leastone computing device, the at least one test case into a test project forthe customer; (e) transmitting, by the at least one computing device,the test project to the customer, whereby the customer is able toexecute the test project; (f) monitoring, by the at least one computingdevice, data payloads between the API and the customer; and (g)compiling and transmitting, by the at least one computing device, areport indicative of a result of the at least one test case, the reportindicating whether the data payloads are compliant with the standardassociated with the API, thereby indicating certification of thecustomer's use of the API to provide the at least one service, or not.

Exemplary embodiments are provided so that this disclosure will bethorough, and will fully convey the scope to those who are skilled inthe art. Numerous specific details are set forth, such as examples ofspecific components, devices, and methods, to provide a thoroughunderstanding of embodiments of the present disclosure. It will beapparent to those skilled in the art that specific details need not beemployed, that example embodiments may be embodied in many differentforms, and that neither should be construed to limit the scope of thedisclosure. In some example embodiments, well-known processes,well-known device structures, and well-known technologies are notdescribed in detail.

The terminology used herein is for the purpose of describing particularexemplary embodiments only and is not intended to be limiting. As usedherein, the singular forms “a,” “an,” and “the” may be intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. The terms “comprises,” “comprising,” “including,” and“having,” are inclusive and therefore specify the presence of statedfeatures, integers, steps, operations, elements, and/or components, butdo not preclude the presence or addition of one or more other features,integers, steps, operations, elements, components, and/or groupsthereof. The method steps, processes, and operations described hereinare not to be construed as necessarily requiring their performance inthe particular order discussed or illustrated, unless specificallyidentified as an order of performance. It is also to be understood thatadditional or alternative steps may be employed.

When a feature is referred to as being “on,” “engaged to,” “connectedto,” “coupled to,” “associated with,” “included with,” or “incommunication with” another feature, it may be directly on, engaged,connected, coupled, associated, included, or in communication to or withthe other feature, or intervening features may be present. As usedherein, the term “and/or” includes any and all combinations of one ormore of the associated listed items.

Although the terms first, second, third, etc. may be used herein todescribe various features, these features should not be limited by theseterms. These terms may be only used to distinguish one feature fromanother. Terms such as “first,” “second,” and other numerical terms whenused herein do not imply a sequence or order unless clearly indicated bythe context. Thus, a first feature discussed herein could be termed asecond feature without departing from the teachings of the exampleembodiments.

None of the elements recited in the claims are intended to be ameans-plus-function element within the meaning of 35 U.S.C. § 112(f)unless an element is expressly recited using the phrase “means for,” orin the case of a method claim using the phrases “operation for” or “stepfor.”

The foregoing description of exemplary embodiments has been provided forpurposes of illustration and description. It is not intended to beexhaustive or to limit the disclosure. Individual elements or featuresof a particular embodiment are generally not limited to that particularembodiment, but, where applicable, are interchangeable and can be usedin a selected embodiment, even if not specifically shown or described.The same may also be varied in many ways. Such variations are not to beregarded as a departure from the disclosure, and all such modificationsare intended to be included within the scope of the disclosure.

What is claimed is:
 1. A computer-implemented method for use in validating customer use of one or more application programing interfaces (APIs), the method comprising: in response to a request from a customer computing device for use of an API hosted by an API computing device, selecting, by at least one computing device, a test case specific to the API for a test project, the API defining at least one service and a standard associated with the API for data payloads directed to the API computing device, wherein the API computing device is separate from the customer computing device and wherein the at least one computing device is separate from the customer computing device and the API computing device; transmitting, by the at least one computing device, the test project to the customer computing device, whereby the customer computing device executes the test case of the test project on the API, via the API computing device; and then monitoring, by the at least one computing device, data payloads between the API computing device and the customer computing device; and compiling and transmitting, by the at least one computing device, a report indicative of a result of the test case based on the monitored data payloads, the report indicative of whether the monitored data payloads are compliant with the standard associated with the API, thereby indicating certification of the customer's use of the API to provide the at least one service, or not.
 2. The computer-implemented method of claim 1, wherein selecting the test case includes selecting a plurality of test cases for the API and a customer associated with the customer computing device.
 3. The computer-implemented method of claim 1, wherein transmitting the test project to the customer computing device includes transmitting an electronic message including a link to the test project to the customer computing device.
 4. The computer-implemented method of claim 1, further comprising providing a notification to the customer computing device regarding a status of the test project, via a dashboard interface available to the customer, at the customer computing device; and wherein the dashboard interface includes a status of the test case for the test project.
 5. The computer-implemented method of claim 4, wherein providing the notification includes providing the notification in real time, or near real time.
 6. The computer-implemented method of claim 1, wherein the test case includes multiple test cases; wherein selecting the test case includes selecting the multiple test cases automatically, by the at least one computing device; and wherein the method further comprises receiving one or more inputs from a user at the at least one computing device to select and/or de-selecting one or more of the multiple test cases, after automatically selecting the multiple test cases.
 7. The computer-implemented method of claim 1, further comprising executing the test case of the test project in response to an input from the customer; identifying ones of the monitored data payloads consistent with the test case based on the ones of the monitored payloads being between the customer computing device and the API computing device; and determining whether the identified ones of the monitored data payloads are compliant with the standard associated with the API.
 8. The computer-implemented method of claim 1, wherein the customer includes a banking institution; wherein the API is hosted by a payment network; and wherein the at least one service relates to payment account transactions.
 9. The computer-implemented method of claim 1, further comprising validating use of the API by the customer when each of the monitored data payloads are compliant with the standard associated with the API.
 10. The computer-implemented method of claim 1, wherein monitoring the data payloads between the API computing device and the customer computing device includes monitoring the data payloads based on a log for the API in real time, or near-real time.
 11. The computer-implemented method of claim 1, wherein monitoring the data payloads between the API computing device and the customer computing device includes monitoring the data payloads based on the data passing through the at least one computing device in real time.
 12. A non-transitory computer-readable storage medium including executable instructions for validating customer use of one or more application programming interfaces (APIs), which when executed by at least one processor, cause the at least one processor to: select one or more test cases of a test project for a customer computing device of a customer for an API hosted by an API computing device, in response to a request by the customer for services specific to the API, the customer computing device being separate from the at least one processor and the API computing device; based on execution of at least one of the one or more test cases by the customer computing device, monitor data payloads between the API computing device and the customer computing device; determine whether each of the data payloads from the customer computing device to the API computing device conforms to a standard specification for the API; in response to each of the data payloads conforming to the standard specification for the API, generate and transmit a notification including a certification of the customer for use of the API; and in response to one or more of the data payloads failing to conform to the standard specification for the API, generate and transmit a notification indicative of the failure to conform to the standard specification for the API.
 13. The non-transitory computer-readable storage medium of claim 12, wherein the executable instructions, when executed by the at least one processor, cause the at least one processor to select the one or more test cases for the API based on the standard specification for the API.
 14. The non-transitory computer-readable storage medium of claim 13, wherein the selected one or more test cases include multiple selected test cases; and wherein the executable instructions, when executed by the at least one processor, further cause the at least one processor to de-select one or more of the multiple selected test cases in response to an input from a user.
 15. The non-transitory computer-readable storage medium of claim 12, wherein the executable instructions, when executed by the at least one processor, further cause the at least one processor to provide the notification including the certification of the customer for use of the API or the notification indicative of the failure to conform to the standard specification to a user associated with the at least one processor.
 16. The non-transitory computer-readable storage medium of claim 12, wherein the executable instructions, when executed by the at least one processor, cause the at least one processor to transmit the notification including the certification of the customer for use of the API, or the notification indicative of the failure to conform to the standard specification, to the customer computing device, via a dashboard interface.
 17. The non-transitory computer-readable storage medium of claim 12, wherein the customer includes a banking institution; wherein the API is hosted by a payment network; and wherein the services specific to the API relate to payment account transactions.
 18. A system for use in validating customer use of one or more application programming interfaces (APIs), the system comprising: at least one processor configured to: provide, to a customer, at a customer computing device of the customer, a test project including one or more test cases for an API hosted by an API computing device, wherein each of the one or more test cases is associated with an expected test case result specific to use of the API, and wherein the customer computing device is separate from the at least one processor and the API computing device, whereby the test project is executed at the customer computing device; monitor data payloads between the API computing device and the customer computing device for the test project; determine whether each of the monitored data payloads conforms to a specification of the API, based on whether the monitored data payload includes a result returned from the API that is consistent with the expected test case result associated with each of the one or more test cases; generate and transmit, to the customer, a notification indicative of a failure when the result returned from the API is inconsistent with the expected test case result associated with at least one of the one or more test cases of the test project.
 19. The system of claim 18, wherein the at least one processor is configured to bundle the one or more test cases into the test project for the customer computing device for the API, based on input from a user, prior to providing the test project to the customer; and wherein the input includes at least one of: the user selecting at least one of the one or more test cases, the user de-selecting at least one of the one or more test cases, and the user providing at least one of the one or more test cases. 